apnscp 3.0 released

apnscp v3 is finally here! This is a polished release incorporating over 450+ changes since beta that launched in September. Among these changes are several notable additions:

  • rspamd + SRS support. SRS reforms a forwarded email’s envelope to match the forwarding server. Fixes DKIM/SPF problems with forwarded messages
  • Virus scan support in Web > Web Apps when clamav_enabled is set
  • upcp supports running components, e.g. upcp -b mail/rspamd
  • mod_evasive configuration scope, cpcmd config_get apache.evasive
  • Auto-learn feature by dragging mail in/out of Spam folder
  • Argos supports several new backends, including Slack
  • Bootstrapper override support (/root/apnscp-vars-runtime.yml), cpcmd config_get apnscp.bootstrapper
  • Sticky workers - apnscpd will reuse a hot session if possible to eliminate reinitialization overhead

With 3.0 out the door, it’s time to address feature requests that will be implemented in 3.1. This includes support for ownCloud, TimescaleDB metrics, PHP-FPM (when apache,jail=1 is configured for a site), Dovecot/Postfix SNI via haproxy, and block storage attachment. These will be incrementally rolled out as part of the master branch, so if you’d like to continue to receive technology as it’s released, set your update policy to “edge”:

cpcmd config_set apnscp.update-policy edge

:white_check_mark: v3 release notes

Congrats. Will try it now.

Is Apache the only configuration supported or could we configure WordPress and other sites to run on Nginx?

apnscp is Apache-only. There would be significant retooling involved to support tiered subdomain maps, of which I’m not aware of Nginx providing a similar facility. Moreover mod_evasive is an Apache module that sieves brute-force to fail2ban via bean counter. It’s possible to learn Nginx’s API in detail to do it, but…

An application’s chokepoint won’t be Apache or Nginx but rather the architecture itself. I benchmarked 10,000 static requests on Nginx and Apache, ab -n 10000 -c 20 and Nginx is faster by 3 ms. When a site takes 1500 milliseconds to load, that’s 0.2% of the total processing time.

It’s the wrong component to optimize for when doing so would violate some of the core features of apnscp’s HTTP stack.


Requests per second:    6129.89 [#/sec] (mean)
Time per request:       3.263 [ms] (mean)
Time per request:       0.163 [ms] (mean, across all concurrent requests)
Transfer rate:          23549.80 [Kbytes/sec] received


Total transferred:      41140000 bytes
HTML transferred:       37000000 bytes
Requests per second:    3100.00 [#/sec] (mean)
Time per request:       6.452 [ms] (mean)

Add section on next release where we can start stop restart the services(mail,dns,etc) used by apnc panel… thanks

All of these should be driven by configuration knobs, not decisions. If you want monitoring, look into Argos, which is bundled with apnscp and will inform you, through your chosen channel, when a service flaps. You should never need to interact with a start/stop/restart toggle unless the system is broken. If the system is broken, then I’d love to know because I missed something!

cpcmd config_get apnscp.bootstrapper and cross referencing Bootstrapper are your best heuristics for now. You’re hosting websites, not building servers - I’ll take care of that part. You work on your sites :slight_smile:

Just want to disable the mail and anti spam to save resources…

That’s easy!

cpcmd config_set mail_enabled false
cpcmd config_set anyversion_enabled false
upcp -sb


Any-version disablement is part of v3.0.23 if you’re not there yet.